[jboss-cvs] JBossAS SVN: r81390 - trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Nov 21 00:45:44 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-21 00:45:44 -0500 (Fri, 21 Nov 2008)
New Revision: 81390
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
Log:
JBAS-6226: SecurityContextEstablishmentValve is injected only in the presence of security constraints
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-11-21 05:13:29 UTC (rev 81389)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-11-21 05:45:44 UTC (rev 81390)
@@ -54,6 +54,7 @@
import org.jboss.deployers.vfs.spi.structure.VFSDeploymentUnit;
import org.jboss.logging.Logger;
import org.jboss.metadata.web.jboss.JBossWebMetaData;
+import org.jboss.metadata.web.spec.SecurityConstraintMetaData;
import org.jboss.mx.util.MBeanServerLocator;
import org.jboss.naming.NonSerializableFactory;
import org.jboss.security.SecurityUtil;
@@ -337,13 +338,19 @@
if (metaDataSecurityDomain != null)
metaDataSecurityDomain = metaDataSecurityDomain.trim();
- // Add a valve to establish security context
- SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
- SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()),
- SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement());
- context.addValve(scevalve);
+ List<SecurityConstraintMetaData> constraints = metaData.getSecurityContraints();
+
+ //JBAS-6226: SecurityContextEstablishmentValve kicks in only with security metadata
+ if(constraints != null && constraints.size() > 0)
+ {
+ // Add a valve to establish security context
+ SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
+ SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()),
+ SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement());
+ context.addValve(scevalve);
+ }
- // Add a valve to estalish the JACC context before authorization valves
+ // Add a valve to establish the JACC context before authorization valves
Certificate[] certs = null;
CodeSource cs = new CodeSource(url, certs);
JaccContextValve jaccValve = new JaccContextValve(metaData, cs);
More information about the jboss-cvs-commits
mailing list